Of course, this isn't from Vodafone at all. The link in the email goes to [donotclick]gabilevin.com/wp-includes/SimplePie/Net/vodafoneteam which downloads a ZIP file 2014_06rechnung_pdf_vodafone.zip which in turn contains the malicious executable 2014_06rechnungonline_pdf_vodafone_00930220374_53790190_82456.exe which has a low detection rate of 3/54 at VirusTotal.

The Malwr report shows that this performs a download from 204.93.183.196:8080/70144646/974aade0/ (Server Central, US) which in turn drops another malicious binary rqvupdate.exe which also has a detection rate of just 3/54. The Malwr report for that is here.